I'm using Grails Spring Security plugin version:
compile ":spring-security-core:2.0-RC4"
compile ":spring-security-acl:2.0-RC2"
is it possible to turn off password check somehow for my dev environment?
If what you want is diable security in the development environment, you can do this by adding this line in your development section of your grails configuration (depending on your version of grails, here Config.groovy, for grails 2.x):
environments {
development {
grails.plugin.springsecurity.active = false
}
}
In grails 3, you can do this in application.yml
environments:
development:
grails:
plugin:
springsecurity:
active: false
Related
I have setup SSL within my Grails 3.3 application as follows and it works appropriately.
environments:
development:
server:
port: 8443
ssl:
enabled: true
key-store: './localkeystore'
key-store-password: 'localonly'
key-password: 'localonly'
However, I have to manually change the URL to https in the browser. I am using IntelliJ IDEA to deploy locally with the Gradle bootRun command. The deployment log shows the URL upon deployment as unsecure. How can I change this URL to https?
Grails application running at http://localhost:8080/application in
environment: development
If you are running the application with the Gradle bootRun command:
Open build.gradle file and add following configuration there:
bootRun {
systemProperty 'server.port', '8443'
systemProperty 'server.ssl.enabled', 'true'
systemProperty 'server.ssl.key-store', './localkeystore'
systemProperty 'server.ssl.key-store-password', 'localonly'
systemProperty 'server.ssl.key-password', 'localonly'
}
Hope this helps you.
Edit the run configuration for your grails application and add -https option to the command line.
It would be : grails run-app -https ...
I am trying to use a Grails Project as a Plugin to basically have my domain classes in the Plugin and then use them in multiple Grails projects.
I've done this:
grails create-app web
grails create-app plugin
create a settings.gradle in the root directory of both projects with
include 'plugin', 'web'
then I added spring security to the plugin and used s2-quickstart to create a user and a role domain class and added some default users to the Bootstrap.groovy.
Starting the plugin project alone doesn't show any issues.
Now I added the plugin as a dependency to the web project:
compile (':plugin')
This way I can access the domain classes from the plugin inside the web project, it compiles fine. I added the spring config to the application.groovy and am now trying to use the domain classes from the plugin inside the web project.
Trying this however my project does not correctly start and it tells me this:
java.lang.IllegalStateException: Either class [htcommon.HtRole] is not a domain class or GORM has not been initialized correctly or has already been shutdown. If you are unit testing your entities using the mocking APIs
as soon as my code tries to do new HtRole(...).save()
It seems the domain classes from the plugin are not recognized as GORM classes somehow.
The issue with the domain not being recognized as a GORM class was due to the constructors provided in them. These constructors were generated from s2-quickstart, but should be removed (it's a bug in spring-security-core). I removed the constructors and the one place you were using them I used map style default constructors. Then I fixed the call you had to get the current user.
The repaired source is in this repo on GitHub (patch-1 branch is working, master is the OP's original broken code)
I received the same error message when running a plugin containing GORM domains using grails run-app in Grails 3.1.6. I fixed the problem by providing explicit configuration for initialising Hibernate as follows:
build.gradle:
dependencies {
...
runtime "org.grails.plugins:hibernate4"
runtime "org.hibernate:hibernate-ehcache"
}
grails-app/conf/application.yml:
---
environments:
development:
hibernate:
cache:
queries: false
use_second_level_cache: true
use_query_cache: false
region.factory_class: 'org.hibernate.cache.ehcache.EhCacheRegionFactory'
dataSource:
pooled: true
jmxExport: true
driverClassName: org.h2.Driver
username: sa
password:
dbCreate: create-drop
url: jdbc:h2:mem:devDb;MVCC=TRUE;LOCK_TIMEOUT=10000;DB_CLOSE_ON_EXIT=FALSE
I have an app that runs in multiple production environments. In one environment we want to authenticate with LDAP, in the other we do not. If the Spring Security LDAP plugin is included in BuildConfig.groovy, the non-LDAP environment fails to authenticate because LDAP is not configured.
I tried
environments {
devldap {
plugins {
compile ":spring-security-ldap:2.0-RC2"
}
}
}
but the LDAP plugin still builds with the non-LDAP environment and causes the non-LDAP environment (in this case development) to fail to authenticate if I don't include the LDAP configuration because it can't connect to LDAP.
I've tried
grails clean
grails refresh-dependencies
but the LDAP plugin only uninstalls if I completely comment it out.
How can I conditionally include/exclude a plugin in my build?
I see this question is a bit old now, however I do a similar thing with the Melody plugin. There is no value in this being installed during TEST - and can get in the way - so I do the following:
plugins {
// other plugins ...
if( Environment.current != Environment.TEST )
compile ":grails-melody:1.56.0"
// other plugins ...
}
So when I run 'test-app' I see the plugin 'uninstalled' and then when I do 'run-app' I see it installed and it's available.
NOTE: I recently got caught out by forgetting to also do an import grails.util.Environment. If you do that, you'll find that Environment.current == [:] as does Environment.TEST etc. I believe this is due to the builder behind the config file.
I am a newbie for log4j and sl4j, I am using grails 2.0.4 and in config.groovy there is a line
grails.logging.jul.usebridge = false for prod
&
grails.logging.jul.usebridge = true for dev
I followed this article, As it says that use of grails.logging.jul.usebridge is to implement the swapping logic of logging frameworks such as
log4j
java.util.logging
commons logging
logback
Is this the only use of grails.logging.jul.usebridge in config.groovy, or is there any other uses
And one more question
which is the recommended logging framework to use in production environment
I definitely recommend you using Log4j. It has no dependencies and is tested (or even included) in various web app servers. You can configure it easily via DSL in Config.groovy or in separate config file in production environment.
Both commons-logging and SLF4J are wrappers for Log4j and use it underneath.
The grails.logging.jul.usebridge = true is used to put java.util.logging through SLF4J, as described here.
How to configure Grails to work with Apache Derby instead of HSQLDB
Install the derby driver into the lib folder of your application.
Configure the DataSource:
driverClassName = "org.apache.derby.jdbc.ClientDriver"
dbCreate = "create-drop"
url = "jdbc:derby://localhost:1527/theDatabase"
Start the derby server.
Create the empty database (through ij or a graphical sql client).
Start grails.
You need to have Derby libraries, and configure your DataSources.groovy appropriately. Check out this blog post. It's old, but the instructions might still work.
Configuration for grails 3 in application.yml
dataSource:
dbCreate: create-drop
driverClassName: org.apache.derby.jdbc.EmbeddedDriver
url: jdbc:derby:memory:db;create=true
And build.gradle
dependencies {
runtime 'org.apache.derby:derby:10.12.1.1'
//... other dependencies
}